SecurityRatty: tag: aws

Computing in the Clouds with AWS

2008-07-25 09:34:14 by Tim Bass in The Complex Event Processing Blog

...AWS) cloud. Amazon EC2 is one option to scale the forums, which is a LAMP application Amazon EC2 allowsus to rent dedicated servers (instances) on-demand to run applications, such as the forums. Then we can run and host on EC2 any Linux application; but unlike classic hosting wherefolks install your application and set up your server for you,...

Tags: amazon ec2, ec2, ec2 articles, ec2 solutions catalog, amazon ec2 allowsus, linux application, application, aws, clouds

Whats New in the Amazon Cloud?: Security Vulnerability in Amazon EC2 and SimpleDB Fixed (7.5 Months After Notification)

2008-12-18 23:09:54 by Craig Balding in Cloud Security

...AWS homepage, is that Amazon just rolled out an important security fix to correct a basic, but significant, cryptographic weakness in their request signing code. The flaw affects their database API (SimpleDB) and compute API (EC2) services Colin Percival discovered the weakness and reported it to Amazon back in May (!). Thats 7.5 months ago....

Tags: amazon, amazon cloud, simpledb, security, vulnerability, aws signature version, security vulnerability, signature version, amazon devpay

A Question of Integrity: To MD5 or Not to MD5

2008-06-25 19:50:57 by Craig Balding in Cloud Security

...AWS forums about S3 Corruption . The first post in the forum was recorded at Jun 22, 2008 5:05 PM PDT (although in subsequent posts some people reported emailing Amazon prior to this we are having some serious S3 issues all data we store on S3 has gone through the same code path for months. starting a couple days ago a small percentage of the...

Tags: amazon prior, amazon, aws, aws status page, md5, load balancer, single load balancer, status, data

Is Your Amazon Machine Image Vulnerable to SSH Spoofing Attacks?

2008-07-14 16:26:40 by Craig Balding in Cloud Security

...AWS website where they collect security related items together (e.g. best practices, advisories, key management). In my view, this is a shame as it probably undermines the effort that Amazon are putting into their security (for some customers, if they dont see it, it doesnt exist A Security link on the main AWS homepage pointing to those...

Tags: ssh, limit ssh access, ssh host keys, host keys, ssh user keys, amazon, host ssh keys, amazon machine image, initial ssh connection

Is Your Browser Leaving Your Cloud Assets Vulnerable?

2008-12-17 06:26:37 by Craig Balding in Cloud Security

...AWS password, she can directly access the AWS management pages, claim your AccessID and Secret Key and perform a Cloud takeover from any source IP address of her choosing The lack of Cloud visibility means you have no administrative audit trail to (a) pro-actively monitor for misuse of your credentials and (b) perform rapid response. On that...

Tags: browser, cloud, browser security products, cloud slas, cloud visibility, normal web browser, cloud takeover, browser bugs, cloud providers

Where are the Security Dashboards for Cloud Services?

2008-04-17 18:55:44 by Craig Balding in Cloud Security

...AWS) Support announcing new support offerings. One item that caught my attention is the new Service Health Dashboard The dashboard is pretty standard fare - traffic lights to show availability for each Amazon service with a historical view available at the bottom This is good and all but where is the security dashboard? Id like to know their...

Tags: availability, service availability dashboard, dashboard, security dashboard, security metrics, service health dashboard, support offerings, amazon web services, support

The Attack of the Spiders from the Clouds

2008-07-31 15:09:19 by Tim Bass in The Complex Event Processing Blog

...AWS over at The CEP Blog . The server over at The UNIX and Linux Forums has been experiencing some very hardware-limited, high load averages recently. We thought we should take a look at moving the forum server up to the clouds Then, a fellow system admin over at the forums suggested that maybe some rogue bots were causing high server loads;...

Tags: attack, spiders, ec2-67-202-45-0, ec2, amazon ec2 cloud, cloud, clouds, attack runs, hungry spiders

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo